From 404f304d00e69dcdfdb83537e8c11b8c253e415e Mon Sep 17 00:00:00 2001 From: Phil Sutter Date: Sat, 16 Apr 2022 14:21:51 +0200 Subject: man: *NAT: Review --random* option descriptions Stating the option again in the first (single?) sentence is pointless. Get rid of that initial half-sentence in MASQUERADE options and unify the texts a bit. Signed-off-by: Phil Sutter --- extensions/libxt_DNAT.man | 4 +--- extensions/libxt_MASQUERADE.man | 10 ++-------- extensions/libxt_REDIRECT.man | 4 +--- extensions/libxt_SNAT.man | 8 ++------ 4 files changed, 6 insertions(+), 20 deletions(-) diff --git a/extensions/libxt_DNAT.man b/extensions/libxt_DNAT.man index 12d334af..af9a3f06 100644 --- a/extensions/libxt_DNAT.man +++ b/extensions/libxt_DNAT.man @@ -25,9 +25,7 @@ For a single port or \fIbaseport\fP, a service name as listed in \fB/etc/services\fP may be used. .TP \fB\-\-random\fP -If option -\fB\-\-random\fP -is used then port mapping will be randomized (kernel >= 2.6.22). +Randomize source port mapping (kernel >= 2.6.22). .TP \fB\-\-persistent\fP Gives a client the same source-/destination-address for each connection. diff --git a/extensions/libxt_MASQUERADE.man b/extensions/libxt_MASQUERADE.man index 7746f473..26d91ddb 100644 --- a/extensions/libxt_MASQUERADE.man +++ b/extensions/libxt_MASQUERADE.man @@ -20,16 +20,10 @@ if the rule also specifies one of the following protocols: \fBtcp\fP, \fBudp\fP, \fBdccp\fP or \fBsctp\fP. .TP \fB\-\-random\fP -Randomize source port mapping -If option -\fB\-\-random\fP -is used then port mapping will be randomized (kernel >= 2.6.21). +Randomize source port mapping (kernel >= 2.6.21). Since kernel 5.0, \fB\-\-random\fP is identical to \fB\-\-random-fully\fP. .TP \fB\-\-random-fully\fP -Full randomize source port mapping -If option -\fB\-\-random-fully\fP -is used then port mapping will be fully randomized (kernel >= 3.13). +Fully randomize source port mapping (kernel >= 3.13). .TP IPv6 support available since Linux kernels >= 3.7. diff --git a/extensions/libxt_REDIRECT.man b/extensions/libxt_REDIRECT.man index 10305597..1cbdb9ba 100644 --- a/extensions/libxt_REDIRECT.man +++ b/extensions/libxt_REDIRECT.man @@ -19,8 +19,6 @@ if the rule also specifies one of the following protocols: For a single port, a service name as listed in \fB/etc/services\fP may be used. .TP \fB\-\-random\fP -If option -\fB\-\-random\fP -is used then port mapping will be randomized (kernel >= 2.6.22). +Randomize source port mapping (kernel >= 2.6.22). .TP IPv6 support available starting Linux kernels >= 3.7. diff --git a/extensions/libxt_SNAT.man b/extensions/libxt_SNAT.man index 08766447..80a698a6 100644 --- a/extensions/libxt_SNAT.man +++ b/extensions/libxt_SNAT.man @@ -21,14 +21,10 @@ will be mapped to ports below 1024, and other ports will be mapped to 1024 or above. Where possible, no port alteration will occur. .TP \fB\-\-random\fP -If option -\fB\-\-random\fP -is used then port mapping will be randomized through a hash-based algorithm (kernel >= 2.6.21). +Randomize source port mapping through a hash-based algorithm (kernel >= 2.6.21). .TP \fB\-\-random-fully\fP -If option -\fB\-\-random-fully\fP -is used then port mapping will be fully randomized through a PRNG (kernel >= 3.14). +Fully randomize source port mapping through a PRNG (kernel >= 3.14). .TP \fB\-\-persistent\fP Gives a client the same source-/destination-address for each connection. -- cgit v1.2.3